One of the more dangerous SQL commands is SHUTDOWN WITH NOWAIT, which works as advertised and would lock everyone out. The attacker would type in the following username field:
' ; shutdown with nowait; -_
The following would happen if inserted into the ASP Script:
select uName from users where uName=';
shutdown with nowait;--' and uPass='
Execute strored procedures.
MSSQL has several extedned (DLL Based) stored procedures that can cause some serious hard to the server itself.
These can be executed by injecting them into the ASP page thr the forms fields:
';exec master..xo_cmdshell ; iireset';--
This wold reset the IIS server through the command line shell. This is harmful if the application is connected with an SA or equivalent account.
SQL Injection 
Linear Mode
